Application Security Inc. - Securing Business by Securing Enterprise Applications

home

client login

partner login

online store

search:

MOST POPULAR CONTENT

1.	Top Database Security Threats for 2008
2.	Database Security Best Practices for Federal Agencies
3.	PCI Compliance at the Database Level
4.	Forrester WAVE Summary Scorecard
5.	SOX Compliance and Database Security

AppDetective™ Update 5.1.0 - 12 August 2005

ENHANCEMENTS

Distributed System
Oracle Checks
Updated Checks
Command Line Interface

DISTRIBUTED SYSTEM

Major enhancements to AppDetective's Distributed System capabilities for better handling of distributed scanning across the enterprise
To learn more about the enhancements made to AppDetective's Distributed System, contact us at sales@appsecinc.com

Oracle - NEW CHECKS

Critical Patch Update - July 2005
Examines if the database contains vulnerabilities described by Critical Patch Update - July 2005
Risk Level - High
SDO_CMT_CBK_TRIG trigger abuse
Examines if the database is vulnerable to SDO_CMT_CBK_TRIG trigger abuse
Risk Level - High
service_register_NSGR DoS
Examines if the database is vulnerable to service_register_NSGR DoS
Risk Level - High
SQL injection in SDO_LRS_TRIG_INS trigger
Examines if the database is vulnerable to SQL injection in SDO_LRS_TRIG_INS trigger
Risk Level - High
TEMPFILE parameter buffer overflow
Examines if the database is vulnerable to TEMPFILE parameter buffer overflow
Risk Level - Low
TO_CHAR buffer overflow
Examines if the database is vulnerable to TO_CHAR buffer overflow
Risk Level - High
CREATE DATABSE LINK buffer overflow
Examines if the database is vulnerable to TEMPFILE parameter buffer overflow
Risk Level - High
DIRECTORY object path traversal
Examines if the database is vulnerable to DIRECTORY object path traversal
Risk Level - High
DoS in Oracle interMedia
Examines if the database is vulnerable to DoS in Oracle interMedia
Risk Level - High
Multiple SQL injections in DBMS_CDC_{I}SUBSCRIBE procedures
Examines if the database is vulnerable to SQL Injection in DBMS_CDC_SUBSCRIBE
Risk Level - High
Multiple SQL injections in DBMS_METADATA procedures
Examines if the database is vulnerable to SQL Injection in DBMS_METADATA
Risk Level - High
SQL injection in ALTER_MANUALLOG_CHANGE_SOURCE
Examines if the database is vulnerable to SQL injection in ALTER_MANUALLOG_CHANGE_SOURCE
Risk Level - High
SQL injection in CREATE_SCN_CHANGE_SET
Examines if the database is vulnerable to SQL Injection in CREATE_SCN_CHANGE_SET
Risk Level - High
EXTPROC library name buffer overflow
Examines if the database is vulnerable to EXTPROC library name buffer overflow
Risk Level - High
Clear text passwords in logs
Examines if the database leaves cleartext passwords in logs
Risk Level - Medium
CTX_OUTPUT.START_LOG buffer overflow
Examines if the database is vulnerable to CTX_OUTPUT.START_LOG buffer overflow
Risk Level - Medium
DBMS_AQADM.VERIFY_QUEUE_TYPES buffer overflow
Examines if the database is vulnerable to DBMS_AQADM.VERIFY_QUEUE_TYPES buffer overflow
Risk Level - Medium
DBMS_AQADM.VERIFY_QUEUE_TYPES_GET_NRP buffer overflow
Examines if the database is vulnerable to DBMS_AQADM.VERIFY_QUEUE_TYPES_GET_NRP buffer overflow
Risk Level - Medium
DBMS_AQADM.VERIFY_QUEUE_TYPES_NO_QUEUE buffer overflow
Examines if the database is vulnerable to DBMS_AQADM.VERIFY_QUEUE_TYPES_NO_QUEUE buffer overflow
Risk Level - Medium
DBMS_INTERNAL_REPCAT.VALIDATE buffer overflow
Examines if the database is vulnerable to ENABLE_RECEIVER_TRACE buffer overflow
Risk Level - Medium
DBMS_RECTIFIER_DIFF.DIFFERENCES buffer overflow
Examines if the database is vulnerable to DBMS_RECTIFIER_DIFF.DIFFERENCES buffer overflow
Risk Level - Medium
DBMS_SYSTEM.KSDWRT buffer overflow
Examines if the database is vulnerable to DBMS_SYSTEM.KSDWRT buffer overflow
Risk Level - Medium
DISABLE_RECEIVER_TRACE buffer overflow
Examines if the database is vulnerable to DISABLE_RECEIVER_TRACE buffer overflow
Risk Level - Medium
ENABLE_PROPAGATION_TO_DBLINK buffer overflow
Examines if the database is vulnerable to ENABLE_PROPAGATION_TO_DBLINK buffer overflow
Risk Level - Medium
ENABLE_RECEIVER_TRACE buffer overflow
Examines if the database is vulnerable to ENABLE_RECEIVER_TRACE buffer overflow
Risk Level - Medium
EXTPROC directory traversal
Examines if the database is vulnerable to EXTPROC directory traversal
Risk Level - Medium
PARALLEL_PUSH_RECOVERY buffer overflow
Examines if the database is vulnerable to DBMS_AQADM.VERIFY_QUEUE_TYPES buffer overflow
Risk Level - Medium
iSQL*Plus local file access
Examines if the database is vulnerable to iSQL*Plus local file access
Risk Level - Medium
FILE parameter buffer overflow
Examines if the database is vulnerable to the FILE parameter buffer overflow
Risk Level - Low
LOGFILE parameter buffer overflow
Examines if the database is vulnerable to the LOGFILE parameter buffer overflow
Risk Level - Low
LTUTIL.PUSHDEFERREDTXNS buffer overflow
Examines if the database is vulnerable to DBMS_REPCAT_RQ.ADD_COLUMN buffer overflow
Risk Level - Low
DBMS_REPCAT_RQ.ADD_COLUMN buffer overflow
Examines if the database is vulnerable to DBMS_REPCAT_RQ.ADD_COLUMN buffer overflow
Risk Level - Low
DBMS_REPCAT_UTL.IS_MASTER buffer overflow
Examines if the database is vulnerable to DBMS_REPCAT_RQ.ADD_COLUMN buffer overflow
Risk Level - Low
DRIDDLR.SUBINDEXPOPULATE buffer overflow
Examines if the database is vulnerable to DRIDDLR.SUBINDEXPOPULATE buffer overflow
Risk Level - Low
CONTROLFILE parameter buffer overflow
Examines if the database is vulnerable to a CONTROLFILE parameter buffer overflow
Risk Level - Low
DATAFILE parameter buffer overflow
Examines if the database is vulnerable to a DATAFILE parameter buffer overflow
Risk Level - Low

UPDATED CHECKS

MySQL

ENHANCEMENTS

Enhancements to Command Line Interface

Return to ASAP™ Updates Listing